Diffstat (limited to 'autogen-sprintf-overflow.patch')
-rw-r--r--autogen-sprintf-overflow.patch30
1 files changed, 30 insertions, 0 deletions
diff --git a/autogen-sprintf-overflow.patch b/autogen-sprintf-overflow.patch
new file mode 100644
index 0000000..c336f5c
--- /dev/null
+++ b/autogen-sprintf-overflow.patch
@@ -0,0 +1,30 @@
+Origin: https://build.opensuse.org/package/show/openSUSE:Factory/autogen
+Author: Andreas Schwab <schwab@suse.de>
+Description: Fix sprintf overflow
+
+Index: autogen-5.18.16/autoopts/usage.c
+===================================================================
+--- autogen-5.18.16.orig/autoopts/usage.c
++++ autogen-5.18.16/autoopts/usage.c
+@@ -711,7 +711,7 @@ prt_vendor_opts(tOptions * opts, char co
+ OPTST_NO_USAGE_MASK | OPTST_DOCUMENT;
+
+ static char const vfmtfmt[] = "%%-%us %%s\n";
+- char vfmt[sizeof(vfmtfmt)];
++ char vfmt[sizeof(vfmtfmt) + 9];
+
+ /*
+ * Only handle client specified options. The "vendor option" follows
+Index: autogen-5.18.16/getdefs/getdefs.c
+===================================================================
+--- autogen-5.18.16.orig/getdefs/getdefs.c
++++ autogen-5.18.16/getdefs/getdefs.c
+@@ -374,7 +374,7 @@ buildPreamble(char ** ppzDef, char ** pp
+ char * pzDef = *ppzDef;
+ char * pzOut = *ppzOut;
+
+- char def_bf[ MAXNAMELEN ];
++ char def_bf[ 2 * MAXNAMELEN + 4 ];
+ char name_bf[ MAXNAMELEN ];
+ char * def_str = def_bf;
+ char * pzIfText = NULL;
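Review bot: Both enlarged buffers are sized with bare constants (`sizeof(vfmtfmt) + 9` in prt_vendor_opts and `2 * MAXNAMELEN + 4` in buildPreamble) and nothing ties them to the strings they must hold, so a later edit to either format could quietly bring the overflow back. For `vfmt` the visible format expands to at most 7 characters plus the digits of the `%u` argument plus the NUL, which is 18 bytes for a 32-bit unsigned; a comment such as `/* "%-" + up to 10 digits + "s %s\n" + NUL */` would record that. The `def_bf` size cannot be checked from this patch because the write that fills it lies outside the hunk, and both functions start and end outside their hunks as well. Presumably both writes are plain sprintf calls, given the description; switching them to bounded calls, e.g. `snprintf(vfmt, sizeof(vfmt), vfmtfmt, ...)` with a check of the return value against the buffer size, would let the code enforce the limit instead of depending on the arithmetic staying correct.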